Package: libcroco3
Version: 0.6.12-2
Severity: important

Dear Maintainer,

The cr_parser_parse_stylesheet() function in cr-parser.c can cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file, which can lead csslint-0.6 to hang forever.

$ csslint-0.6 cr-parser.c@@cr_parser_parse_import.css

csslint will not return, and its CPU consumption is 100%.

The cause of this bug is that the cr_parser_parse_stylesheet() function called cr_parser_parse_media(), cr_parser_parse_import() and cr_parser_parse_ruleset(), but cr_parser_parse_media(), cr_parser_parse_import() and cr_parser_parse_ruleset() didn't return the right status while parsing a malformed CSS file, thus making cr_parser_parse_stylesheet() run in an infinite loop.

-- System Information:
Debian Release: 9.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/1 CPU core)
Locale: LANG=en_HK.UTF-8, LC_CTYPE=en_HK.UTF-8 (charmap=UTF-8), LANGUAGE=en_HK:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libcroco3 depends on:
ii  libc6         2.24-11+deb9u3
ii  libglib2.0-0  2.50.3-2
ii  libxml2       2.9.4+dfsg1-2.2+deb9u2

-- 
Jin Huang, ADLab of Venustech

@import
@mediaa
ia{s:x
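
The failure mode described in the report (a top-level loop that keeps re-dispatching because a sub-parser reports the wrong status on malformed input) can be shown with a toy parser. This is an added illustration, not libcroco code and not part of the original report; parse_statement(), parse_stylesheet(), the lax/guard flags and the iteration budget are hypothetical names, and the input string is constructed.

```c
#include <stdio.h>
#include <string.h>

enum status { ST_OK, ST_PARSE_ERROR };

/* Toy sub-parser (hypothetical): a statement is everything up to and
 * including ';'. With lax != 0 it models the defect class in the report:
 * on malformed input (no ';') it reports success without consuming input. */
static enum status parse_statement(const char *in, size_t *pos, int lax)
{
    const char *end = strchr(in + *pos, ';');
    if (end == NULL)
        return lax ? ST_OK : ST_PARSE_ERROR;
    *pos = (size_t)(end - in) + 1;
    return ST_OK;
}

/* Top-level loop. Returns the number of statements parsed, or -1 when the
 * iteration budget runs out (a stand-in for the hang so the demo ends). */
int parse_stylesheet(const char *in, int lax, int guard)
{
    size_t pos = 0, len = strlen(in);
    long budget = 100000;
    int count = 0;

    while (pos < len) {
        size_t before = pos;
        if (budget-- == 0)
            return -1;
        if (parse_statement(in, &pos, lax) != ST_OK)
            break;              /* correct status: stop at the malformed tail */
        if (pos == before) {
            if (guard)
                break;          /* progress guard: "OK" with nothing consumed */
            continue;           /* unguarded: retries the same offset forever */
        }
        count++;
    }
    return count;
}

int main(void)
{
    const char *bad = "a{b:c};@x y";   /* constructed input, unterminated tail */
    printf("lax, no guard: %d\n", parse_stylesheet(bad, 1, 0));
    printf("strict status: %d\n", parse_stylesheet(bad, 0, 0));
    printf("lax + guard:   %d\n", parse_stylesheet(bad, 1, 1));
    return 0;
}
```

Either fix ends the loop: the sub-parser returning an error status on malformed input, or the caller refusing to iterate again when the read offset did not advance.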